I took a trace between NPS and my PC. We see the login in clear text and password in crypt text.
I had the same idea that the shared secret should encrypt the traffic. It doesn’t seem. I will look at this nevertheless. thanks Geoffroy HUGUENIN CEA VALDUC VA/DSTA/STLI/LSIS 21120 IS-SUR-TILLE Téléphone : 03 80 23 77 80 De : Brian Anderson - ASI [mailto:[email protected]] Envoyé : jeudi 14 février 2013 14:15 À : Enterasys Customer Mailing List Objet : Re: [enterasys] Radius management access with CHAP PAP is it for switch logins. The shared secret setup between the switch and NPS should encrypt the traffic. I would take a network trace to verify. From: [email protected] [mailto:[email protected]] Sent: Thursday, February 14, 2013 4:04 AM To: Enterasys Customer Mailing List Subject: [enterasys] Radius management access with CHAP Hi, We change our radius server from Freeradius to NPS on windows 2008 R2. The authentication method is PAP (like freeradius). The system administrator want to use CHAP because of the clear password with PAP. NPS gives MS-CHAP (v1 or v2), CHAP, PAP and SPAP. But switches don’t offer this choice, it seems ! I don’t see anything about CHAP or anything else on the Enterasys knowledgebase. Do you know if it’s possible to use another protocol with the “management access” for radius ? Best regards Geoffroy HUGUENIN CEA VALDUC VA/DSTA/STLI/LSIS 21120 IS-SUR-TILLE Téléphone : 03 80 23 77 80 * --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] * --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] * --To unsubscribe from enterasys, send email to [email protected] <mailto:[email protected]> with the body: unsubscribe enterasys [email protected] <mailto:[email protected]> --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
